<?php
session_start();
require_once("include/common.inc.php");
require_once("include/lang/admin.lang.php");
$_CACHEDIR     =  'admin/cache';//编译目录
$_TEMPLATESDIR =  'admin/templates';//模板目录
$GLOBALS['lang'] = $lang;//后台语言全局数组
$act = isset($_GET['act'])?trim($_GET['act']) : '';
$todo   = isset($_GET['todo'])?trim($_GET['todo']) : '';
$do   = isset($_GET['todo'])?trim($_GET['do']) : '';
$id     = isset($_GET['id'])?intval($_GET['id']) : '';
$formhash=formhash();

switch($act)
{
	case '':
        include template('login');
      break;

    case 'checklogin':
        require_once('include/code.class.php');
		$photo = new captcha();
        $username     = trim($_POST['username']);
        $password     = trim($_POST['password']);
        $checkcode    = $_POST['code'];

		$captcha_word = $_SESSION['captcha_word'];

		submitcheck();//表单检测



		if(!isset($checkcode) || !isset($captcha_word) )

		{
			e('public_login_emptycode');
		}

		if( !$photo->check_word($checkcode,$captcha_word) )

		{
			e('public_login_errorcode');
		}

		unset($photo);

		$hascheck = checkuser($username,$password);

		if($hascheck)

		{
			e($hascheck);
		}

		$db->settable("{$tablepre}systemuser");

		$userarr = $db->Select(array('where'=>"username='".$username."'",'sum'=>1));



		if($userarr)
		{
			if( md5($password) == $userarr['password'] )
			{
				$_SESSION[PREFIX.'Uid'] = $userarr['id'];

				$_SESSION[PREFIX.'UserName']   = $username;

				$_SESSION[PREFIX.'lastlogintime'] = date('Y-m-d H:i:s',$userarr['lastlogintime']);

				$_SESSION[PREFIX.'lastloginip'] = $userarr['lastloginip'];

			    $userip    = $_SERVER['REMOTE_ADDR'];

				$db->Update(array('UpdateStr'=>array('lastloginip'=>$userip,'lastlogintime'=>$localtime),'where'=>'id='.$userarr['id']));

			} else
			{
				e('admin_login_passworderror');
			}
		} else
		{
			e('admin_not_username');
		}
		s('admin_login_success',"?act=show&todo=main");

		break;
		

	case 'logout' :

		session_destroy();//关闭SESSION

		s('admin_exit_success','admincp.php');

	case "show":

		CheckAccess();
	
		if($todo=='top')
		{


			$cate_result = $db->query("SELECT * FROM {$tablepre}systemaction WHERE fid = 0 ORDER BY listnum,id ASC");

			$cates = array();

			while($cate = $db->fetch_array($cate_result))
			{
				
				$cates[] = $cate;
			}

		}elseif ($todo=='index')
		{
              
			  	function ShowResult($v)
				{
					$LANG['yes'] = "是";
					$LANG['no'] = "否";
					return $v ? '<font color="blue"><b>'.$LANG['yes'].'</b></font>' : '<font color="red"><b>'.$LANG['no'].'</b></font>';
				}
			  $PHP_MODULE = get_loaded_extensions();
			  $gd = ShowResult(in_array('gd',$PHP_MODULE));
		



		}elseif($todo=='left')
		{
		
		
			$id=empty($id)?1:$id;
			$cate_result = $db->query("SELECT * FROM {$tablepre}systemaction WHERE id = ".$id." ORDER BY listnum,id ASC");
			$result=mysql_fetch_array($cate_result);
            $msg="<dl><dt><a href=\"###\" onclick=\"showHide('items0');\" target=\"_self\">".$result['title']."</a></dt>
    <dd id=\"items0\" style=\"display: block;\"><ul>";
			$child_result = $db->query("SELECT * FROM {$tablepre}systemaction WHERE fid = ".$id." ORDER BY listnum,id ASC");
			
			while($s=$db->fetch_array($child_result))
			{
				$msg.="<li><a href=\"?act=".$s['action']."&todo=".$s['todo']."&do=".$s['do']."\" target=\"main\">".$s['title']."</a></li>";
			
			}
			
  			$msg.="</ul></dd></dl>";
		
		}

		include template($todo);

		break;

   default:

	   $db->settable("{$tablepre}systemaction");

	   $action = $db->Select(array('where'=>"action='".$act."' AND fid!=0",'sum'=>1));
	   
	   
	  
		 if(!empty($action))
		{

			CheckAccess();//提交安全检查

			include 'admin/'.$action['page'];//调用模块文件
		}
		else
		{
			stop('public_unknowaction');
		}

   		break;



}



$quernum  = $db->query_num;

$db->close();

unset($db);

$end_time = array_sum(explode(' ',microtime()));// 程序运行信息

$runtime  = number_format( $end_time - $start_time, 10);

echo "\n<!--  $quernum times query, processed in $runtime second(s)  -->";

ob_flush();

?>